My Oracle Support Banner

Secure Flags Not Set to "Secure" when Creating Session Cookies. (Doc ID 1677578.1)

Last updated on OCTOBER 14, 2023

Applies to:

Oracle WebCenter Portal - Version and later
Information in this document applies to any platform.


When accessing WebCenter pages, the secure flag of JSESSIONID was set to "NULL" instead of "Secure". This may cause a Session Stealing issue.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.